luks

How to install cryptsetup-luks

How to install cryptsetup-luks I’m actually trying to setup LUKS on a Red Hat 9.2 Server. Here is the problem : I can’t do yum install cryptsetup-luks or dnf install cryptsetup-luks. When I try to use one of these command I have the following output : no match for parameter: cryptsetup-luks error: unable to find …

Total answers: 1

Can a LUKS2 detached header technically be used for multiple drives?

Can a LUKS2 detached header technically be used for multiple drives? First, I’m aware that a similar question has already been answered. The answer was YES, but I’d like a second opinion, because : The question didn’t specify if it was LUKS1 or LUKS2 Something I’ve read on Wikipedia casts a doubt in my mind. …

Total answers: 1

how to close encrypted partition with nested partition table?

how to close encrypted partition with nested partition table? If I create an encrypted partition using cryptsetup cryptsetup -q luksFormat /dev/vdb3 /tmp/pwfile cryptsetup -d /tmp/pwfile luksOpen /dev/vdb3 pv00 and setup a nested gpt partition table on /dev/mapper/pv00 parted=/sbin/parted disk=/dev/mapper/pv00 ${parted} -s — "${disk}" mklabel gpt ${parted} -s — "${disk}" mkpart root 0% "${endp1}GiB" ${parted} -s …

Total answers: 1

Scripting fdisk with filesystem signature issues

Scripting fdisk with filesystem signature issues I’m trying to automatize fdisk with my Bash scripts. In my script, I have the following code block: echo "Creating root filesystem partition…" ( echo n echo 3 echo echo echo w ) | fdisk ${DEVICE} Where the DEVICE is physical disks like /dev/sda /dev/nvme0n1 etc. but not partitions. …

Total answers: 1

Is it risky to use hibernation in Ubuntu?

Is it risky to use hibernation in Ubuntu? I’ve read that hibernation often causes trouble in Linux environments, e.g. system fails to wake-up or freezes and sometimes even refuses booting after reset. I really like the idea of hibernating the system into a zero-power state, especially for traveling. But I don’t wanna hurt my system’s …

Total answers: 1

LUKS Encryption – Readable content

LUKS Encryption – Readable content In LUKS, only files get encrypted, not the entire drive. So my question is, what is accessible if just files are encrypted. For example: Are file paths or file names visible? (Eg: For Enrypted ZIP Files using ZipCrypto i can see full paths, filenames which makes it possible to attack)?? …

Total answers: 1

volume group not found on linux laptop after update

volume group not found on linux laptop after update After a recent update (not sure if that was the first including a new kernel 6.1) my ubuntu linux laptop cannot boot anymore the error is Volume group “ubuntu-vg” not found Cannot process volume group ubuntu vg IO error while decrypting keyslot. Keyslot open failed. Device …

Total answers: 2

LUKS encrypted USB: "Operation cancelled" error on correct passphrase

LUKS encrypted USB: "Operation cancelled" error on correct passphrase I’m asking as a new question because I don’t have enough rep to comment on answers, and the drive in question here is removable. I’ve set up an encrypted USB drive using cryptsetup luksFormat, but I’m having trouble mounting it on insertion as I can with …

Total answers: 1

How to increase the size of a LUKS file-container

How to increase the size of a LUKS file-container There are many tips on how to resize (increase) a LUKS2 encrypted device / partition / LVM volume. But how to increase the size of the LUKS container created in the file? I once created: dd if=/dev/random of=/some file bs=1M count=100 cryptsetup luksFormat /some-file cryptsetup luksOpen …

Total answers: 1

FIDO2 (YubiKey) to unlock LUKS from command line

FIDO2 (YubiKey) to unlock LUKS from command line Following the example of how to add a FIDO2 key from a YubiKey, but I can’t figure out how to use the YubiKey to unlock it form the command line. The instructions talk about unlocking at boot–but that’s not what I want. Setup Make a 128 MiB …

Total answers: 2

Is it possible to check if a LUKS device has been damaged by a foreign person?

Is it possible to check if a LUKS device has been damaged by a foreign person? Let’s assume I lost a LUKS encrypted USB pen drive. I think the file system type (ext4/fat32/…) doesn’t play a role. A foreign person finds it. Of course he cannot access my data because he doesn’t have the password. …

Total answers: 1

Mount encrypted volume in read/write mode

Mount encrypted volume in read/write mode The canonical method to mount encrypted volumes from the command line on later Ubuntu editions involves udisksctl. However, that recipe mounts the volume in read-only mode. $ udisksctl unlock -b /dev/sdd1 Passphrase: Unlocked /dev/sdd1 as /dev/dm-1. $ ls -la /dev/mapper total 0 drwxr-xr-x 2 root root 100 apr 2 …

Total answers: 1

Overwritten LUKS with a partition table

Overwritten LUKS with a partition table In what I now know feel was a stupid decision, I attempted to dual boot Windows and linux by using the windows installer, After booting into the windows installer I chose one of a 2 cloned hard drives about 500GB in size to erase, as they were cloned it …

Total answers: 1

How to refresh decoy data on a plausible deniability dm-crypt scheme?

How to refresh decoy data on a plausible deniability dm-crypt scheme? I just read this discussion between Linus Torvalds and (among others) Milan Broz, one of dm-crypt’s maintainers. I am intrigued by the the following part of the discussion : Linus Torvalds: I thought the people who used hidden ("deniable") things didn’t actually ever use …

Total answers: 2

Restore lost bootloader on a luks partition

Restore lost bootloader on a luks partition I need an advice about a bad situation. I was installing a new linux ditro by using my main PC. I booted with the ISO and then installed the distro on /dev/sdc, which was an external USB drive. My bad, I didn’t realized when installing, that I didn’t …

Total answers: 2

I Have LUKS Enabled And Integrated With TPM 2. How To Hide Passphrase Screen?

I Have LUKS Enabled And Integrated With TPM 2. How To Hide Passphrase Screen? System: Fedora 37, Gnome 43 I enabled LUKS encryption on setup and enabled auto-decrypt via TPM 2 with following an article from Fedora Magazine. Auto-decrypt works but while it decrypts, it shows the passphrase screen until system boots. How can I …

Total answers: 1

Allow user to change luks password

Allow user to change luks password Disk Utility allow to change hard disk encryption password with a simple GUI. I would like to allow non-admin/non-root user to change their luks password (IT have another slot for recovery). Unfortunately, when trying to change the luks password as non-admin, Disk Utility prompts the user for an admin …

Total answers: 1

Recovering LUKS partition with shred disk

Recovering LUKS partition with shred disk I have Ubuntu 18.04 LTS encrypted on my SSD and I ran the command: sudo shred -vfn 1 /dev/sda and have overwritten 8-10 GB I guess. Furthermore, my computer could not load the password input window after that. When I boot with the original disc I get this message …

Total answers: 3

Why does the swap mapper file get created even though I removed it from /etc/crypttab?

Why does the swap mapper file get created even though I removed it from /etc/crypttab? I have this line in /etc/crypttab for my swap partition: luks-4205519b-f3fe-468f-b05e-44f25f6882a4 UUID=4205519b-f3fe-468f-b05e-44f25f6882a4 /crypto_keyfile.bin luks,keyscript=/bin/cat I commented it out so it now looks like this: # luks-4205519b-f3fe-468f-b05e-44f25f6882a4 UUID=4205519b-f3fe-468f-b05e-44f25f6882a4 /crypto_keyfile.bin luks,keyscript=/bin/cat I rebooted but the mapper file /dev/mapper/luks-4205519b-f3fe-468f-b05e-44f25f6882a4 still gets created. Why? …

Total answers: 1